Description
Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters.
Exploits (2)
References (8)
Core 8
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/0370
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13276
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/13282
Vendor Advisory x_refsource_misc
http://www.snkenjoi.com/secadv/secadv7.txt
Vendor Advisory vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013756
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15027
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/20169
Vendor Advisory vdb-entry
x_refsource_osvdb
http://www.osvdb.org/15697
Scores
EPSS
0.0731
EPSS Percentile
91.7%
Details
Status
published
Products (1)
php_labs/profile
Published
Apr 20, 2005
Tracked Since
Feb 18, 2026